We are starting to test out Ceph RGW and have run into a small issue with the
aws-cli that amazon publishes. We have a set of developers who use the aws-cli
heavily and it seems that this tool does not work with Ceph RGW tenancy.
Given user = test01$test01 with bucket buck01
Given user = test02$test02 with bucket buck02
I modify the default bucket acls such that test01$test01 has access to buck02
and test02$test02 has access to buck
Does anyone know how to use the aws-cli such that a user can access buckets in
another tenant. I can not find any incarnation use “aws s3” or “aws s3api” that
lets me use the colon: identifier to specify a tenant namespace for the bucket.
I have tried using an arn specifier for the bucket name but I keep getting the
below error message. The arn I am trying is “arn:aws:s3::tenant:bucket'
Parameter validation failed:
Invalid bucket name "arn:aws:s3:::devops": Bucket name must match the regex
"^[a-zA-Z0-9.\-_]{1,255}$" or be an ARN matching the regex
"^arn:(aws).*:(s3|s3-object-lambda):[a-z\-0-9]*:[0-9]{12}:accesspoint[/:][a-zA-Z0-9\-.]{1,63}$|^arn:(aws).*:s3-outposts:[a-z\-0-9]+:[0-9]{12}:outpost[/:][a-zA-Z0-9\-]{1,63}[/:]accesspoint[/:][a-zA-Z0-9\-]{1,63}$"
Thanks!
--
Mark Selby
Sr Linux Administrator, The Voleon Group
[email protected]
This email is subject to important conditions and disclosures that are listed
on this web page: https://voleon.com/disclaimer/.
_______________________________________________
ceph-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
